The 20 Coolest Endpoint And Managed Security Companies Of 2021: The Security 100
As part of CRN’s annual Security 100 list, here’s a look at 20 endpoint and managed security companies that are preventing attacks on servers, neutralizing IaaS and SaaS threats, and accelerating business recovery from breaches.
Doubling Down On Detection
Enterprises have increasingly adopted bring-your-own-device (BYOD) policies to provide employees with greater flexibility, and hackers have taken advantage of the change by targeting employees’ personal devices since they are often not properly secured. The growing use of remote location servers, smartphones and connected devices has also increased the likelihood of endpoint attacks or breaches.
Hackers can use laptops, smartphones or wearable devices to bypass a customer’s secured enterprise network, with Internet of Things, industrial control systems and smart sensors also attracting endpoint attacks. Companies with limited IT expertise are heavily adopting managed security services for real-time consultation to better understand new and unknown attacks.
The global endpoint security market is expected to grow at a compound annual growth rate of 8.2 percent over the next several years, going from $11.96 billion in 2019 to $22.4 billion by 2027, according to Fortune Business Insights. The rising adoption of connected devices and IoT across several industries in North America is boosting demand for endpoint and managed security in the area.
As part of CRN’s annual Security 100 list, here’s a look at 20 endpoint and managed security companies that are identifying and neutralizing evasive threats, preventing attacks on servers, responding to IaaS and SaaS vulnerabilities, and accelerating business recovery from cyberattacks.
Alert Logic in September updated its managed detection and response platform to deliver expanded attack surface coverage with innovative threat detection offerings for custom web applications. Three months later, the company launched an automated security response offering for AWS environments with definable and standard playbooks to ensure rapid response actions against cyberthreats.
Arctic Wolf works as an extension of an organization’s internal security team to provide around-the-clock monitoring, detection and response, and ongoing risk management to proactively protect systems and data. In October, the company closed a $200 million Series E round led by Viking Global Investors on a valuation of $1.3 billion to acquire new channel partners and build a stronger international presence.
Avast in July launched small-office protection to deliver complete online security for small businesses, entrepreneurs and home offices, which are becoming an increasing target for cybercriminals. The company debuted Secure Private Access two months later to provide zero trust network access through an approach in which authorized users are granted access to applications, but never the network.
Bitdefender in July started analyzing user actions to identify behaviors that pose a security risk to the organization and allow security administrators to pinpoint systems and users with higher risk exposure. Two months later, the company rolled out a service that delivers incident detection with rapid response using automated playbooks that allow analysts to quickly mitigate and remediate most threats.
Executive Chairman, CEO
BlackBerry Persona Desktop debuted in October to validate user identity in real time by leveraging machine learning models to create a real-time trust score for laptop and desktop users. That same month, the company rolled out BlackBerry Protect Mobile to give security teams unprecedented visibility into their mobile, desktop and server endpoints from a single security console.
Broadcom CloudSOC and Secure Access Cloud facilitate access to on-premises, hosted and IaaS/PaaS-based resources and can help enforce access and activity controls based on the context of the user and the device. Secure Access Cloud enables granular access and eliminates network-level threats by using zero trust access principles in delivering point-to-point connectivity without agents or appliances.
Co-Founder, President, CEO
CrowdStrike Endpoint Recovery Services debuted in February, bringing together the Falcon platform, threat intelligence and real-time response to accelerate business recovery from cyberintrusions. The October debut of CrowdStrike Falcon Horizon allows for the automation of cloud security management across the app development life cycle, enabling customers to securely deploy applications in the cloud.
Cybereason in April expanded its prevention, detection and response capabilities from traditional endpoints to mobile devices to allow customers to combat threats from a single console. Seven months later, Cybereason XDR was launched to fuse endpoint telemetry with behavioral analytics, empowering global enterprises to swiftly detect and thwart cyberattacks anywhere on their networks.
Dell has been laser-focused on developing intrinsic security where protection is built into the environment and made core to the infrastructure itself. The company in December rolled out seven new tools that not only brought more security to the Dell Technologies infrastructure and supply chain but also infused it into the process of consuming, utilizing and decommissioning technology.
eSentire esCloud brings around-the-clock configuration and vulnerability monitoring as well as threat detection and response to Infrastructure-as-a-Service and Software-as-a-Service deployments. The October debut of Cloud Automation Security Assistant offers customers a single place within Microsoft Teams to actively manage alerts, engage eSentire experts and launch automated threat configuration.
ESET Cloud Office Security launched in October to provide advanced preventative protection for users of Microsoft 365 applications, delivering immediate notification when the detection of malware occurs. ESET Protect Cloud launched in December to provide a cloud-based console for managing ESET security tools deployed in a network with visibility into both on-premises and off-premises endpoints.
Kaspersky has built a portfolio of subscription services around its unparalleled insight into threat actor activity and behavior to help move upmarket and capture more large deals with enterprise customers. In May, the company tasked former RSA leader Randall Richard with extending the company’s threat intelligence business beyond the Fortune 10 to address use cases in the Fortune 100 or Fortune 200.
Malwarebytes in April launched Endpoint Detection and Response for Servers and Endpoint Protection for Servers so that servers can also benefit from the company’s integrated detection and lightweight protection. Then in December, the company rolled out Malwarebytes Brute Force Protection to stop intrusion attacks targeting Remote Desktop Protocol (RDP) on Windows workstations and servers.
McAfee MVision XDR was unveiled in October and offers cloud-based advanced threat management with coverage across the attack life cycle, prioritization to protect what matters, easy orchestration and efficient response. The McAfee MVision Cloud Native Application Protection Platform delivers data protection, threat prevention, governance and compliance throughout the application life cycle.
Co-Founder, CEO
SentinelOne in April unveiled new customizable dashboards and reporting capabilities to help customers extract maximum value from security data and provide context into the state of security operations. Five months later, the company unveiled a new Automated Application Control Engine to secure cloud and containerized workloads at runtime against known and unknown threats without human intervention.
Sophos in June enhanced its Endpoint Detection and Response tool to help security analysts identify and neutralize evasive threats, and aid IT administrators with proactively maintaining secure IT operations. Four months later, the company debuted an industry-first, fixed-fee remote incident response service that identifies and neutralizes active cybersecurity attacks throughout the whole 45-day engagement period.
Tanium Risk was unveiled in November to give customers insight into how their endpoints are operating by providing them with a score that contextualizes how secure the company’s IT assets are. The company also deepened its partnership with Salesforce in November to streamline help desk interactions by providing more visibility into the IT assets and endpoints a specific user has access to.
Trend Micro Cloud One–Network Security debuted in November for customers migrating their servers to the cloud, offering virtual private cloud protection at scale to support compliance requirements. A month later, the company rolled out a cloud-native file storage security tool to mitigate threats across the cloud environment and support compliance requirements for application builders.
VMware Carbon Black
GM
VMware agreed in May to acquire cybersecurity startup Octarine, and planned to embed the technology into the VMware Carbon Black Cloud to better secure containerized applications running in Kubernetes. Then in September, VMware Carbon Black Cloud Workload was unveiled to deliver advanced protection and better secure modern workloads, thus reducing the attack surface and bolstering security posture.
Webroot, an OpenText company
Vice Chair, CEO, CTO
Webroot in June updated its DNS Protection filtering service by encrypting data using HTTPS to prevent eavesdropping, manipulation or exploitation of data by third parties and malicious actors. A month later, the company enhanced its Security Awareness Training with videos featuring updated COVID-19 content aimed at promoting the right security behavior, such as identifying phishing emails and malicious URLs.